Changeset 6713


Ignore:
Timestamp:
07/27/10 14:37:12 (10 years ago)
Author:
plg
Message:

bug 1757 fixed: ability to use HTML in author field

Location:
branches/2.1
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • branches/2.1/admin/element_set_unit.php

    r6364 r6713  
    6868    $data['level'] = $_POST['level-'.$row['id']]; 
    6969 
    70     foreach (array('name', 'author', 'level') as $field) 
     70    foreach (array('name', 'level') as $field) 
    7171    { 
    7272      if (!empty($_POST[$field.'-'.$row['id']])) 
     
    239239            '&image_id='.$row['id'], 
    240240        'NAME' => !empty($row['name'])?$row['name']:'', 
    241         'AUTHOR' => !empty($row['author'])?$row['author']:'', 
     241        'AUTHOR' => !empty($row['author'])?htmlspecialchars($row['author']):'', 
    242242        'LEVEL' => !empty($row['level'])?$row['level']:'0', 
    243243        'DESCRIPTION' => !empty($row['comment'])?$row['comment']:'', 
  • branches/2.1/admin/picture_modify.php

    r6364 r6713  
    237237    'REGISTRATION_DATE' => format_date($row['date_available']), 
    238238 
    239     'AUTHOR' => isset($_POST['author']) ? $_POST['author'] : @$row['author'], 
     239    'AUTHOR' => htmlspecialchars( 
     240      isset($_POST['author']) 
     241        ? stripslashes($_POST['author']) 
     242        : @$row['author'] 
     243      ), 
    240244 
    241245    'DESCRIPTION' => 
  • branches/2.1/themes/default/template/header.tpl

    r6595 r6713  
    66{if isset($meta_ref) }  
    77{if isset($INFO_AUTHOR)} 
    8 <meta name="author" content="{$INFO_AUTHOR|@replace:'"':' '}"> 
     8<meta name="author" content="{$INFO_AUTHOR|@strip_tags:false|@replace:'"':' '}"> 
    99{/if} 
    1010{if isset($related_tags)} 
Note: See TracChangeset for help on using the changeset viewer.